摘要 | 人工智能与大数据的迅猛发展, 使得数据成为了重要的生产资料和流通要素。如何能在安全合规, 确保数据隐私安全的前提下, 充分发挥数据价值, 成为了公众关心的热点问题。隐私计算, 作为新兴的技术体系, 它可以通过密码学、可信硬件、多方安全计算、差分隐私等交叉融合技术, 实现数据的可用不可见, 达到数据安全流通, 发挥数据价值的目的。随着学术界以及工业领域的日益关注, 隐私计算已成为新的技术热点, 也成为商业和资本竞争的热门赛道。文章综述了隐私计算的技术原理, 对隐私计算中的关键技术进行了分类详述, 包括可信计算、多方安全计算、联邦学习、差分隐私、匿踪查询等。同时, 文章也从安全性, 技术优势, 存在的风险点等多维度, 对隐私计算技术进行了对比分析。另外, 文章也总结分析了隐私计算在国内各个行业的发展和应用, 侧面验证了隐私计算在数据流通和数据价值实现等方面的显著贡献。最后, 文章对隐私计算的发展现状和面临挑战进行了总结, 并展望了隐私计算未来的发展趋势。 |
Abstract | This paper presents a comprehensive review of privacy-preserving computation, including its various methods, such as Trusted Environment Execution (TEE) computation, Secure Multi-Party Computation (SMPC) , Federated Learning (FL) , Differential Privacy (DP) , and Private Information Retrieval (PIR) , et. It also analyzes and compares these methods from the aspects of security, advantages/disadvantages, and risks. Additionally, this paper investigates the applications and development of privacy-preserving computation, which finally demonstrates that privacy-preserving computation has a significant contribution on data circulation and data value realization. At last, the paper analyzes the current situation and challenges of privacy- preserving computation, while pointing out the future direction of it. |
DOI | 10.48014/ccsr.20230517001 |
文章类型 | 综 述 |
收稿日期 | 2023-05-18 |
接收日期 | 2023-08-25 |
出版日期 | 2023-09-28 |
关键词 | 隐私计算, 数据安全, 联邦学习, 差分隐私, 多方安全计算 |
Keywords | Privacy-preserving computation, data security, federated learning, differential privacy, secure multi-party computation |
作者 | 王伟1, 邵瑜1, 段佳2,*, 张泽华2 |
Author | WANG Wei1, SHAO Yu1, DUAN Jia2,*, ZHANG Zehua2 |
所在单位 | 1. 北京理工大学医学技术学院, 北京 102676; 2. 京东零售平台运营与营销中心, 北京 102676。 |
Company | 1. School of Medical Technology, Beijing Institute of Technology, Beijing 102676, China 2. JD Retail Platform Operation and Marketing Center, JD. com, Beijing 102676, China. |
浏览量 | 355 |
下载量 | 174 |
参考文献 | [1] 符芳诚, 侯忱, 程勇, 等. 隐私计算关键技术与创新[J]. 信息通信技术与政策, 2021, 47(6): 27. [2] 闫树, 吕艾临. 隐私计算发展综述[J]. 信息通信技术与政策, 2021, 47(6): 1-1. [3] Costan V, Devadas S. Intel SGX Explained[J]. Cryptology ePrint Archive, 2016. [4] Zheng W, Wu Y, Wu X, et al. A Survey of Intel SGX and Its Applications[J]. Frontiers of Computer Science, 2021, 15(3): 1-15. https://doi.org/10.1007/s11704-019-9096-y [5] Mohassel P, Rindal P. ABY3: A Mixed Protocol Framework for Machine Learning[C]. Proc. ACM SIGSAC Conf. Computer Communications Security: 35-52. [6] Keller M. MP-SPDZ: A Versatile Framework for Multiparty Computation[C]. Proc. ACM SIGSAC Conf. Computer and Communications Security: 1575-1590. [7] Chandran N, Gupta D, Rastogi A, et al. EzPC: Programmable, Efficient, and Scalable Secure Two-Party Computation for Machine Learning[C]. 2019 IEEE European Symposium on Security and Privacy(EuroS&P), 2017: 496-511. [8] Mcmahan B, Moore E, Ramage D, et al. Communication- Efficient Learning of Deep Networks from Decentralized Data[C]. Proc. Artificial Intelligence and Statistics: 1273-1282. [9] Yang Q, Liu Y, Chen T, Tong Y. Federated Machine Learning: Concept and Applications[J]. ACM Trans. Intelligent Systems and Technology, 2019, 10(2): 1-19. https://doi.org/10.1145/3298981 [10] 丁丽萍, 卢国庆. 面向频繁模式挖掘的差分隐私保护研究综述[J]. 通信学报, 2014, 35(10): 200-209. https://doi.org/10.3969/j.issn.1000-436x.2014.10.023 [11] Dwork C. The Differential Privacy Frontier[C]. Proc. Theory of Cryptography Conf. : 496-502. [12] Angel S, Chen H, Laine K, Setty S. PIR with Compressed Queries and Amortized Query Processing[C]. Proc. IEEE Symposium on Security and Privacy: 962-979. [13] Ali A, Lepoint T, Patel S, et al. Communication-Computation Trade-offs in PIR[C]. Proc. USENIX Security Symposium: 1811-1828. [14] Bay A, Erkin Z, Alishahi M, Vos J. Multi-Party Private Set Intersection Protocols for Practical Applications[C]. Proc. Int. Conf. Security and Cryptography: 515-522. [15] Bay A, Erkin Z, Hoepman J-H, et al. Practical Multi- Party Private Set Intersection Protocols[J]. IEEE Trans. Information Forensics and Security, 2021, 17: 1-15. https://doi.org/10.1109/TIFS.2021.3118879 [16] Kaplan D, Powell J, Woller T. AMD Memory Encryption[R]. White Paper, 2016. [17] Pinto S, Santos N. Demystifying Arm Trustzone: A Comprehensive Survey[J]. ACM Computing Surveys, 2019, 51(6): 1-36. https://doi.org/10.1145/3291047 [18] Pinto S, Garlati C. Multi Zone Security for Arm Cortex- M Devices[C]. Proc. Embedded World Conference. [19] Feng E, Lu X, Du D, et al. Scalable Memory Protection in the PENGLAI Enclave[C]. Proc. USENIX Symposium on Operating Systems Design and Implementation: 275-294. [20] Shamir A. How to Share A Secret[J]. Communications of the ACM, 1979, 22(11): 612-613. https://doi.org/10.1145/359168.359176 [21] Yao A C. Protocols for Secure Computations[C]. Proc. Annual Symposium on Foundations of Computer Science: 160-164. [22] Gentry C. Fully Homomorphic Encryption Using Ideal Lattices[C]. Proc. ACM Symposium on Theory of Computing, 2009: 169-178. [23] Rabin M O. How to Exchange Secrets with Oblivious Transfer[R]. Cryptology ePrint Archive, 2005: 1-26. [24] Nielsen J B, Orlandi C. LEGO for Two-Party Secure Computation[C]. Proc. Theory of Cryptography Conf. , 2009: 368-386. [25] Damgård I, Zakarias S. Constant-Overhead Secure Computation of Boolean Circuits Using Preprocessing[C]. Proc. Theory of Cryptography Conf. , 2013: 621-641. [26] Huang Z, Lu W J, Hong C, Ding J. Cheetah: Lean and Fast Secure Two-Party Deep Neural Network Inference[J]. IACR Cryptol. ePrint Arch. , 2022: 207. [27] Rathee D, Rathee M, Kumar N, et al. CrypTFlow2: Practical 2-Party Secure Inference[C]. Proc. ACM SIGSAC Conf. Computer and Communications Security, 2020: 325-342. [28] Li T, Sahu A K, Zaheer M, et al. Federated Optimization in Heterogeneous Networks[C]. Proc. Machine Learning and Systems, 2020: 429-450. [29] Acar D a E, Zhao Y, Matas R, et al. Federated Learning Based on Dynamic Regularization[C]. Proc. Int. Conf. Learning Representations, 2021: 1-36. [30] Zhu L, Liu Z, Han S. Deep leakage from gradients[C]. Proc. Int. Conf. Neural Info. Processing Systems, 2019: 14774-14784. [31] Yin H, Mallya A, Vahdat A, et al. See Through Gradients: Image Batch Recovery via Gradinversion[C]. Proc. IEEE/CVF Conf. Computer Vision and Pattern Recognition, 2021: 16337-16346. [32] Zhang C, Li S, Xia J, et al. Batchcrypt: Efficient Homomorphic Encryption for Cross-silo Federated Learning[C]. Proc. USENIX Annual Technical Conf, 2020: 493-506. [33] Hardy S, Henecka W, Ivey-Law H, et al. Private Federated Learning on Vertically Partitioned Data via Entity Resolution and Additively Homomorphic Encryption[J]. arXiv preprint arXiv: 1711. 10677, 2017. https://doi.org/10.48550/arXiv.1711.10677 [34] Brisimi T S, Chen R, Mela T, et al. Federated Learning of Predictive Models from Federated Electronic Health Records[J]. Int. Journal of Medical Informatics, 2018, 112: 59-67. https://doi.org/10.1016/j.ijmedinf.2018.01.007 [35] Jiang L, Tan R, Lou X, et al. On Lightweight Privacy- Preserving Collaborative Learning for Internet-of- Things Objects[C]. Proc. Int. Conf. Internet of Things Design and Implementation, 2019: 70-81. [36] Dwork C, Mcsherry F, Nissim K, et al. Calibrating Noise to Sensitivity in Private Data Analysis[C]. Proc. Theory of Cryptography Conf. , 2006: 265-284. [37] Gupta A, Roth A, Ullman J. Iterative Constructions and Private Data Release[C]. Proc. Theory of Cryptography Conf. , 2012: 339-356. [38] Cormode G, Jha S, Kulkarni T, et al. Privacy at Scale: Local Differential Privacy in Practice[C]. Proc. Int. Conf. Management of Data, 2018: 1655-1658. [39] Kairouz P, Bonawitz K, Ramage D. Discrete Distribution Estimation under Local Privacy[C]. Proc. Int. Conf. Machine Learning, 2016: 2436-2444. [40] Wang T, Blocki J, Li N, et al. Locally Differentially Private Protocols for Frequency Estimation[C]. Proc. USENIX Security Symposium, 2017: 729-745. [41] Bassily R, Smith A. Local, Private, Efficient Protocols for Succinct Histograms[C]. Proc. ACM Symposium on Theory of Computing, 2015: 127-135. [42] Acharya J, Sun Z, Zhang H. Hadamard Response: Estimating Distributions Privately, Efficiently, and with Little Communication[C]. Proc. Artificial Intelligence and Statistics, 2019: 1120-1129. [43] Zheng K, Mou W, Wang L. Collect at Once, Use Effectively: Making Non-Interactive Locally Private Learning Possible[C]. Proc. Int. Conf. Machine Learning, 2017: 4130-4139. [44] Abadi M, Chu A, Goodfellow I, et al. Deep Learning with Differential Privacy[C]. Proc. ACM SIGSAC Conf. Computer and Communications Security, 2016: 308-318. [45] Wang D, Gaboardi M, Xu J. Empirical Risk Minimization in Non-Interactive Local Differential Privacy Revisited[C]. Proc. Int. Conf. Neural Info. Processing Systems, 2018: 973-982. [46] Meadows C. A More Efficient Cryptographic Matchmaking Protocol for Use in The Absence of A Continuously Available Third Party[C]. Proc. IEEE Symposium on Security and Privacy, 1986: 134-144. [47] Huang Y, Evans D, Katz J. Private Set Intersection: Are Aarbled Circuits Better than Custom Protocols?[C]. Proc. NDSS, 2012: 1-5. [48] Huang Y, Evans D, Katz J, et al. Faster Secure {Two- Party} Computation Using Garbled Circuits[C]. Proc. USENIX Security Symposium, 2011: 35-45. [49] Kolesnikov V, Kumaresan R, Rosulek M, et al. Efficient Batched Oblivious PRF with Applications to Private Set Intersection[C]. Proc. ACM SIGSAC Conf. Computer and Communications Security, 2016: 818-829. [50] Inbar R, Omri E, Pinkas B. Efficient Scalable Multiparty Private Set-Intersection via Garbled Bloom Filters[C]. Proc. Int. Conf. Security and Cryptography for Networks, 2018: 235-252. [51] Dong C, Chen L, Wen Z. When Private Set Intersection Mmeets Big Data: An Eefficient and Scalable Protocol[C]. Proc. ACM SIGSAC Conf. Computer and Communications Security, 2013: 789-800. [52] Chor B, Kushilevitz E, Goldreich O, et al. Private Information Retrieval[J]. Journal of the ACM, 1998, 45(6): 965-981. https://doi.org/10.1145/1721654.1721674 [53] Mughees M H, Chen H, Ren L. OnionPIR: Response Efficient Single-Server PIR[C]. Proc. ACM SIGSAC Conf. Computer and Communications Security, 2021: 2292-2306. [54] Chen H, Huang Z, Laine K, Rindal P. Labeled PSI from Fully Homomorphic Encryption with Malicious Security[C]. Proc. ACM SIGSAC Conf. Computer and Communications Security, 2018: 1223-1237. [55] Chor B, Gilboay N, Naorz M. Private Information Retrieval by Keywords[J]. IACR Cryptol. ePrint Arch. , 1997: 1-19. [56] 艾瑞咨询. 2022 年中国隐私计算行业研究报告[R]. 2022: 1-89. |
引用本文 | 王伟, 邵瑜, 段佳, 等. 隐私计算: 技术方法和行业应用的综述[J]. 中国计算机科学评论, 2023, 1(1): 1-12. |
Citation | WANG Wei, SHAO Yu, DUAN Jia, et al. Privacy-preserving computation: a comprehensive survey of methods and applications[J]. Chinese Computer Sciences Review, 2023, 1(1): 1-12. |